A security vulnerability in the Sun Fire X2100M2 and Sun Fire X2200M2 implementation of IPMI may allow an unprivileged ipmitool(1m) user to gain unauthorized administrative privileges and then be able to reset or power off a local or remote Sun Fire X2100M2 or Sun Fire X2200M2 server.

This issue can occur on the following platforms:

x86 Platform

• Sun Fire X2100M2 without BMC/SP Firmware 2.91
• Sun Fire X2200M2 without BMC/SP Firmware 2.91

Notes:

1. The ipmitool(1m) is used for remote monitoring of Sun x64 systems and therefore does not affect the SPARC platform.
2. This issue does not affect any other x64 systems apart from the Sun Fire X2100M2 and Sun Fire X2200M2.

To determine the current firmware revision on the system, the following command can be run:

    # ipmitool -H <ipaddress> -U <username> -P <password> mc info
    Device ID                 : 5
    Device Revision           : 0
    Firmware Revision         : 2.91
    IPMI Version              : 2.0
    Manufacturer ID           : 7244
    Manufacturer Name         : Unknown (0x1c4c)
    Product ID                : 21305 (0x5339)
    Device Available          : yes
    Provides Device SDRs      : yes

There are no predictable symptoms that would indicate the described vulnerability has been exploited.

There is no workaround for this issue. Please see the Resolution section below.

This issue is addressed on the following platforms:

x86 Platform

• Sun Fire X2100M2 with BMC/SP Firmware 2.91 (included with M2 Server 1.4 CD ISO release) at http://www.sun.com/servers/entry/x2100/downloads.jsp
• Sun Fire X2200M2 with BMC/SP Firmware 2.91 (included with M2 Server 1.4 CD ISO release) at http://www.sun.com/servers/x64/x2200/downloads.jsp

• Revised Synopsis and Impact section

This solution has no attachment